indo totoPrivacy Policy

This page describes what we collect when you use indo toto and how we keep that data protected. We collect personal information only to verify your identity, process your deposits and withdrawals, and comply with local regulations. We do not sell your data to third parties, and we do not use it for marketing outside our platform.

Our servers may sit outside your jurisdiction, but we encrypt all data in transit and at rest. We use industry-standard security practices: TLS 1.3 for transport, bcrypt for password hashing, and role-based access controls for our staff. We conduct monthly security audits and respond to any suspected breach within 24 hours.

If you have questions about how we handle your data, our support team is available via live chat, email, and phone during business hours.

What we collect on indo toto

We collect your email address, phone number, full name, date of birth, and a photo of your ID card when you register. We use this information to verify your identity and prevent fraud. We also collect your payment method details (e-wallet account or bank account number) to process deposits and withdrawals.

We log every transaction on your account: every deposit, every withdrawal, every bet, and every payout. We also log your login attempts, your password resets, and any changes to your account settings. This transaction history is encrypted and stored on our servers.

We collect minimal device information: your device type (Android or iOS), your app version, and your IP address. We use this to detect suspicious login patterns and to troubleshoot technical issues. We do not collect your location, your contacts, or your browsing history outside indo toto.

How we use your data

We use your personal information to verify your identity, process your deposits and withdrawals, and settle your bets. We also use it to detect fraud, prevent account takeover, and comply with local regulations. We may contact you via email or SMS if we detect suspicious activity on your account.

We do not use your data for marketing. We do not send you promotional emails or SMS messages unless you explicitly opt in. We do not share your data with advertisers or data brokers.

We may disclose your data to law enforcement or regulatory authorities if required by law. We will notify you of such a request unless we are legally prohibited from doing so.

Third-party processors

We use third-party payment processors to handle deposits and withdrawals. These processors include DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, and the major Indonesian banks (mobile banking, local payment, online payment, e-wallet). We share only the information necessary to complete your transaction: your name, account number, and transaction amount.

We also use third-party cloud providers to store our data. These providers are located outside Indonesia and are subject to their own privacy policies. We have data-processing agreements in place to ensure they meet our security standards.

We do not share your data with any other third parties without your explicit consent, except as required by law.

Your rights on indo toto

You have the right to access your personal data at any time. You can download your transaction history, your account settings, and your KYC documents from your account dashboard. You also have the right to request a correction if any of your personal information is inaccurate.

You have the right to request deletion of your account and associated data, subject to our legal obligations. If you request account closure, we will delete your personal information within 30 days, except for transaction records which we retain for five years for regulatory compliance.

You have the right to object to our use of your data for fraud detection or account security. However, if you object, we may not be able to provide our services to you.

Cookies and tracking

We use cookies to keep you logged in and to remember your preferences. We use session cookies (which expire when you close your browser) and persistent cookies (which remain for up to one year). We do not use cookies for tracking or advertising.

You can disable cookies in your browser settings, but this may affect your ability to use indo toto. We also use local storage to cache game data and reduce data usage on mobile networks.

Our security practices

We encrypt all data in transit using TLS 1.3. We hash all passwords using bcrypt with a salt of 12 rounds. We store all sensitive data (ID documents, payment details) in encrypted form on our servers. We use role-based access controls to limit staff access to personal data.

We conduct monthly security audits and annual penetration tests. We have a bug-bounty program for security researchers. If we detect a data breach, we notify affected users within 24 hours and provide guidance on account security.

We recommend enabling two-factor authentication on your account. We also recommend using a strong, unique password and changing it regularly.

Data retention

We retain your personal information for as long as your account is active. If you close your account, we delete most of your data within 30 days. We retain transaction records for five years to comply with anti-money-laundering regulations. We retain ID documents and selfies for five years after account closure.

We may retain aggregated, anonymized data indefinitely for analytics and fraud prevention.

Contact indo toto

If you have questions about our privacy practices, contact our support team via live chat, email, or phone. We respond to privacy inquiries within five business days. If you are not satisfied with our response, you may file a complaint with your local data-protection authority.

Our services are available only where local law permits. Account holders in Jakarta, Surabaya, Bandung, and Medan are responsible for confirming that their use of indo toto complies with their local regulations. We do not offer our services in jurisdictions where online gaming is prohibited.